Review – 2 Advisories Published – 6-25-24

Today, CISA’s NCCIC-ICS published two control system security advisories for products from PTC and ABB.

Advisories

PTC Advisory - This advisory describes a missing authentication vulnerability in the PTC Creo Elements Direct License Server.

ABB Advisory - This advisory describes an improper input validation vulnerability in the ABB 800xA Base services in PC based client/server nodes.

 

For more information on these advisories, including another Otorio reported vulnerability in the ABB product, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/2-advisories-published-6-25-24 - subscription required.